Firewall Protection
ProSecure Unified Threat Management (UTM) Appliance
Set Up IP/MAC Bindings
IP/MAC binding allows you to bind an IP address to a MAC address and the other way
around. Some computers or devices are configured with static addresses. To prevent users
from changing their static IP addresses, the IP/MAC binding feature needs to be enabled on
the UTM. If the UTM detects packets with an IP address that matches the IP address in the
IP/MAC Bindings table but does not match the related MAC address in the IP/MAC Bindings
table (or the other way around), the packets are dropped. If you have enabled the logging
option for the IP/MAC binding feature, these packets are logged before they are dropped.
The UTM displays the total number of dropped packets that violate either the IP-to-MAC
binding or the MAC-to-IP binding.
Note: You can bind IP addresses to MAC addresses for DHCP assignment
on the LAN Groups submenu. See Manage the Network Database
on page 112.
As an example, assume that three computers on the LAN are set up as follows, and that their
IP and MAC addresses are added to the IP/MAC Bindings table:
• Host 1. MAC address (00:01:02:03:04:05) and IP address (192.168.10.10)
• Host 2. MAC address (00:01:02:03:04:06) and IP address (192.168.10.11)
• Host 3. MAC address (00:01:02:03:04:07) and IP address (192.168.10.12)
There are three possible scenarios in relation to the addresses in the IP/MAC Bindings table:
• Host 1 has not changed its IP and MAC addresses. A packet coming from Host 1 has IP
and MAC addresses that match those in the IP/MAC Bindings table.
• Host 2 has changed its MAC address to 00:01:02:03:04:09. The packet has an IP
address that matches the IP address in the IP/MAC Bindings table but a MAC address
that does not match the MAC address in the IP/MAC Bindings table.
• Host 3 has changed its IP address to 192.168.10.15. The packet has a MAC address that
matches the MAC address in the IP/MAC Bindings table but an IP address that does not
match the IP address in the IP/MAC Bindings table.
In this example, the UTM blocks the traffic coming from Host 2 and Host 3, but allows the
traffic coming from Host 1 to any external network. The total count of dropped packets is
displayed.
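The three scenarios above, worked through as an added Python example (not NETGEAR code and not part of the original manual). The names BindingFilter, check, and run_example are hypothetical, and passing packets whose addresses appear nowhere in the table is an assumption, because this section does not describe that case.

```python
from dataclasses import dataclass, field

# Bindings table from the manual's example (MAC address -> IP address).
BINDINGS = {
    "00:01:02:03:04:05": "192.168.10.10",  # Host 1
    "00:01:02:03:04:06": "192.168.10.11",  # Host 2
    "00:01:02:03:04:07": "192.168.10.12",  # Host 3
}

def normalize_mac(mac):
    # Lower-case and use ':' separators so 00-01-.. and 00:01:.. compare equal.
    return mac.strip().lower().replace("-", ":")

@dataclass
class BindingFilter:  # hypothetical name; models only the binding check
    bindings: dict
    log_enabled: bool = False
    dropped: int = 0                      # total dropped-packet counter
    log: list = field(default_factory=list)

    def __post_init__(self):
        # Index the table both ways so each direction can be checked.
        self.mac_to_ip = {normalize_mac(m): ip for m, ip in self.bindings.items()}
        self.ip_to_mac = {ip: m for m, ip in self.mac_to_ip.items()}

    def check(self, src_mac, src_ip):
        mac = normalize_mac(src_mac)
        bound_mac = self.ip_to_mac.get(src_ip)   # MAC bound to this IP, if any
        bound_ip = self.mac_to_ip.get(mac)       # IP bound to this MAC, if any
        if bound_mac is not None and bound_mac != mac:
            return self._drop(mac, src_ip, "IP-to-MAC violation")
        if bound_ip is not None and bound_ip != src_ip:
            return self._drop(mac, src_ip, "MAC-to-IP violation")
        return "allow"  # matching pair, or (assumption) addresses not in the table

    def _drop(self, mac, ip, reason):
        if self.log_enabled:                     # logged before the drop
            self.log.append(f"{reason}: mac={mac} ip={ip}")
        self.dropped += 1
        return "drop"

def run_example():
    f = BindingFilter(BINDINGS, log_enabled=True)
    packets = [("00:01:02:03:04:05", "192.168.10.10"),   # Host 1, unchanged
               ("00:01:02:03:04:09", "192.168.10.11"),   # Host 2, new MAC
               ("00:01:02:03:04:07", "192.168.10.15")]   # Host 3, new IP
    verdicts = [f.check(mac, ip) for mac, ip in packets]
    return verdicts, f.dropped, f.log
```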
To set up IP/MAC bindings:
1. Select Network Security > Address Filter > IP/MAC Binding. The IP/MAC Binding
screen displays. (The following figure shows some bindings in the IP/MAC Binding table
as an example.)